1/4 [#OSINT|#SOCMINT] Been a couple of months and almost forgot about the Research/PoC i was doing around the #GuntraderUK data leak.

Here is a FB Profile from one of the members which is pretty concerning especially if this individual keeps licensed firearms. Image
2/4 I did find more interesting posts/photo's on his timeline. A photo of him hunting with a shotgun by the looks of it and a photo/ad of a "Walther CP99 .177 Pistol" which was being advertised for sale. Image
3/4 I was able to find this profile pretty quickly after enriching all the email address's and phone numbers against a facebook dataset, then collecting all the pages on facebook these people like. I then looked at any profiles which followed pages around depression/suicide.
4/4 I've managed to build a pretty interesting dataset so far which consists of the following.

34,952 Facebook Profiles
Page Likes Collected for 32,139 Profiles
744,784 Unique Pages Identified.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with osint.support

osint.support Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @OsintSupport

16 Nov
1/5 [#OSINT|#WORDPRESS] For anyone who's been following my previous tweets over the last few days, I'm going to show you how its possible to identify someone who's commented on Wordpress website by leveraging Gravatar and Email Address Hashing.
2/5 if we visit the following link, and scroll down to the bottom, we can see many users have engaged with the authors post as shown in the image below.

isitwp.com/display-commen… Image
3/5 Starting with "Erick" we want to copy the Url of his profile image and paste it in to notepad or something similar. We then want to identify the part which is the md5 hash of his email address. After "/" and before "?" Image
Read 5 tweets
14 Nov
1/6 [#OSINT] Gravatar is used by more than 200m users, the email address used to create your account is also hashed to create your unique profile url; which poses a massive privacy implication if you was to be able to reverse the MD5 hash but also creates an opportunity.
2/6 If you have a large enough collection of email addresses you could start by hashing every single one and storing them in a table. The more you have the greater the chance you have of being able to take a url of any Gravatar Profile and decoding the registered email address.
3/6 If you take a look at the url below you will see an example of the founders profile url being used. After hashing over 3+ billion email address i am able to lookup that hash in my table to receive the founders email address for that profile.

en.gravatar.com/site/implement… Image
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Thank you for your support!

Follow Us on Twitter!

:(